Articles about Server

Protected US military server poked via army recruitment website

Beads of sweat must have surely run down the face of one hacker who, while trying to score a bug bounty, inadvertently infiltrated an "internal US Department of Defence website that requires special credentials to access." The unnamed hacker used exploited a pair of vulnerabilities to gain access to the US Army network via an …
Darren Pauli, 23 Jan 2017

Go dark with the flow: Lavabit lives again

It's taken longer than first expected, but the first fruits of Lavabit founder Ladar Levison's Dark Mail Technical Alliance have landed with the relaunch of the encrypted mail service he closed in 2013. After shuttering Lavabit, Levison joined hands with Silent Circle to form the DMTA and promised Lavabit would flow again in …

Seven pet h8s: Verity is sorely vexed

Stob Peter Wayner, a tech columnist, claims to have identified the seven most vexing problems in programming. According to his subheadings, these are: multithreading, closures, "too big data", np-completeness, security, encryption and identity management. Such lists are constructed to be disputed. Game on. To start with, Mr Wayner' …
Verity Stob, 20 Jan 2017
Bitcoin, photo via Shutterstock

SporeStack: Disposable, anonymous servers, via Bitcoin and Python

Hardware infrastructure, once the foundation of computing giants like IBM, has become an abstract commodity thanks to cloud computing, virtualization, and containerization. Through large service providers like Amazon Web Services, Microsoft Azure, and Google Cloud Platform, or smaller ones like DigitalOcean, Linode, and Vultr …
Thomas Claburn, 19 Jan 2017
Penguins pool photo via Shutterstock

Wintel part deux? Microsoft Azure first for Intel Clear Linux

An alliance that dominated the PC industry is entering the world of fluffy white stuff and open source: Microsoft Azure is the first public cloud to include an Intel initiated and container-oriented Clear Linux OS. The Wintel union loosened with the rise of Linux - runing on x86 - and the fall of the PC as peoples' primary …
Gavin Clarke, 19 Jan 2017
Stormtrooper heart photo via shutterstock

Seduced by the Docker side: Microsoft's support could be first shot fired in the Container Wars

Docker was arguably a dumb thing for you to do with your time last year. Developers loved it but enterprises weren’t so sure. That was then, but now Microsoft – mighty in enterprise tech and filled with deep and abiding love for open source – is perhaps Docker's best friend. Not only is Microsoft getting behind Docker-style …
Matt Asay, 19 Jan 2017

Can all-flash arrays, spinning disks and hybrid really live together?

Conventional wisdom says that for performance-sensitive applications, you want all-flash arrays (AFAs), while for less-critical applications and bulk storage, disk is better. How can you use them in conjunction with each other? What would a joint AFA/hybrid/disk environment look like? Broadly speaking, there are two types of …
Danny Bradbury, 19 Jan 2017

Microsoft posts death notices for Windows 7 sysadmin certifications

In the same week that Microsoft's German tentacle declared Windows 7 a security horror that no business in its right mind would continue to use, the company's also announced it will axe some certification exams for the operating system. Microsoft's educators have announced that certs for Windows 7 configuration, plus the the …
Simon Sharwood, 19 Jan 2017

Inspur inspires DDN to be its HPC reseller

DDN has signed a deal for Inspur to sell tested and configured systems to worldwide HPC customers, using DDN storage alongside Inspur servers, networking, software and services. Inspur is the third of three main Chinese server and systems suppliers, the others being Huawei and Lenovo. It quotes Gartner stats to say it was the …
Chris Mellor, 18 Jan 2017
First XC40, photo: Met Office

UK, you Cray. Boffins flex ARM in 'first-of-its-kind' bonkers HPC rig

A fellowship of four UK universities, along with HPC veteran Cray and the Met Office, have been handed £3m to build a 10,000+ ARM core supercomputer. The project could settle whether ARM-based supercomputers can beat Xeon ones on cost while offering the right performance. The scheme is called Isambard, after 19th century Brit …
Chris Mellor, 18 Jan 2017
Space_Shuttle_launch

Hyperconvergered-ception: HPE swallows SimpliVity

Analysis SimpliVity, the second-placed hyperconverged infrastructure appliance startup, has been bought by HPE for $650m, setting the stage for mainstream vendor dominance of the hyperconverged market. HPE now has its own proprietary software stack plus a 3PAR-style hardware-accelerated product line that will fit nicely above its …
Chris Mellor, 18 Jan 2017

Did somebody say object storage? 9 ways to tell if there's a point

Comment Object storage is a relatively new market segment that has continued to grow steadily and is starting to find more reasons for adoption. For the uninitiated, object stores are used to hold large volumes of unstructured data, where each "object" is essentially a file with no specific format (also called a binary file). Object …
Chris Evans, 18 Jan 2017
Image by robodread http://www.shutterstock.com/gallery-529180p1.html

IPv6 vulnerable to fragmentation attacks that threaten core internet routers

A trio of 'net experts argues that a key IPv6 protocol needs fixing to get rid of a fragmentation attack vector against routers in large-scale core networks. The vector, called “atomic fragments” has long been regarded with suspicion by IPv6 security wonks. Here, for example, is a Black Hat 2012 presentation illustrating the …
money_987_648

Hacker cracks Facebook with remote code execution bug

Facebook has paid US$40,000 to vulnerability hunter Andrew Leonov for disclosing how the hacker gained remote code execution on its servers through the widely-reported ImageMagick flaw. Leonov (@4lemon) described how he discovered the so-called ImageTragick flaw still impacting Facebook in a post that detailed all but the most …
Darren Pauli, 18 Jan 2017

Ransomware scum infect cancer non-profit

Ransomware scum have hit a new low by infecting a not-for-profit cancer support organization in Muncie, Indianapolis, US. Little Red Door provides diagnostics, treatment, and supplies to under-served patients, among other services. It told told the Associated Press this week that miscreants infected its central server, …
Team Register, 18 Jan 2017

SOHOpeless routers offer hard-coded credentials and command injection bugs

Yet again, home routers are the home of SOHOpelessness: Zyxel and Billion units distributed in Thailand by TrueOnline have backdoors, and the researcher who found the flaw says the vendors have ignored his attempts to notify them. Long-time router-popper Pablo Ribeiro went public with the pwnage – default admin accounts and …
Image by Sergey Nivens http://www.shutterstock.com/gallery-461077p1.html

Kill it with fire: US-CERT urges admins to firewall off Windows SMB

The US computer emergency readiness team is recommending organisations ditch old versions of the Windows SMB protocol and firewall off access to file servers – after a potential zero-day exploit was released by the Shadow Brokers hacking group. The call from the US security clearing house does not name the Shadow Brokers as …
Darren Pauli, 18 Jan 2017
handshake_648

Multi-silo data-sucker Alluxio inks deal with Dell EMC

Alluxio, the multi-silo Big Data access accelerating startup which did a deal with Huawei last year, has signed a similar one with Dell EMC for its ECS product. The problem Alluxio fixes is that many separate storage schemes exist for large-scale unstructured data that needs to be accessed by many analytics-style apps. Each …
Chris Mellor, 17 Jan 2017
Continuous Lifecycle London 2016 logo

Continuous Lifecycle London: Keynote, workshops announced

REG EVENTS The agenda for Continuous Lifecycle is filling up, with four workshops confirmed, and our first keynote speaker revealed. Continuous delivery pioneer Dave Farley will be taking to the stage as one of our keynote speakers at the London conference in May. Dave was among the instigators of the CD movement, co-writing the seminal …
Team Register, 17 Jan 2017
A man holding a cup of coffee

OpenIO, blind nano-nodes and coffee cup detection

Interview In a story about ARM-powered, Ethernet-addressed, object storing disk drives, I said such drives couldn’t carry out image searches at a drive-level because they would be operating "blindfolded". OpenIO says “rubbish” to that in a blog it wrote (I exaggerate.) So I spoke to OpenIO’s co-founder and COO Marie Ponseel, suggesting …
Chris Mellor, 17 Jan 2017

Power Systems running IBM's VIOS virtualisation need a patch and reboot

IBM on Saturday slipped out news of a nasty bug in its VIOS, its Virtual I/O Server that offers virtualisation services on Power Systems under AIX. Issue IV91339 strikes when moving virtual machines and means “there is a very small timing window where the VIOS may report to the client LPAR that some I/Os have completed before …
Simon Sharwood, 17 Jan 2017
Image by Ensuper http://www.shutterstock.com/gallery-585532p1.html

Dovecot mailserver graded 'nearly impenetrable'

POP and IMAP mailserver suite Dovecot has passed an extensive audit by hackers, who were able to find only three minor vulnerabilities. Dovecot is especially popular with service providers, so the news that four Cure53 researchers have given it a "thoroughly all-encompassing" audit and found the software to have "excellent …
Darren Pauli, 17 Jan 2017

Laser beam sky mirage cannon can spy on enemies and generate Star Trek-style shields

British defence contractor BAE Systems says it has developed a laser-powered "mirage on demand" which can be used to bend the very fabric of the skies to military commanders' whims. The Laser Developed Atmospheric Lens, developed at BAE's Warton factory in Lancashire, works by "changing the Earth's atmosphere into lens-like …
Gareth Corfield, 16 Jan 2017
Ambulance

London Ambulance IT system hit by three outages in last year

The IT system responsible for dispatching ambulances across London has been hit by three outages in the last year, it has emerged. CommandPoint is responsible for ensuring ambulances reach their destination within eight minutes of a call for high-priority emergencies such as cardiac arrests. But that system went down for five …
Kat Hall, 16 Jan 2017

Exascale HPC project pours Euro gravy into Mont-Blanc

The European Commission's multi-phase, super-dupe-compute project Mont-Blanc is pouring more euro gravy into developing an army of ARM SoC compute nodes. It has picked Atos's Bull organisation to build an exascale-class compute node using Cavium's Thunder X2 64-bit ARMv8-A server processor SoC (System-on-Chip). The Mont-Blanc …
Chris Mellor, 16 Jan 2017

Father of Android II: A Hardware Comeback

The "Father of Android" Andy Rubin is plotting a return to hardware – and he could beat Google's own Android successor Andromeda to market. According to Bloomberg, Rubin, who left Google in 2013, has hired former Android engineers for his new venture Essential, with the idea that a "high-end" smartphone will act as a kind of …
Andrew Orlowski, 16 Jan 2017
Google, photo by lightpoet via Shutterstock

Google reveals its servers all contain custom security silicon

Google has published a Infrastructure Security Design Overview that explains how it secures the cloud it uses for its own operations and for public cloud services. Revealed last Friday, the document outlines six layers of security and reveals some interesting factoids about the Alphabet subsidiary's operations, none more so …
Simon Sharwood, 16 Jan 2017
Cloud desktop

Cloud hardware spend hits US$8.4bn/quarter, as traditional kit sinks

Abacus-shuffling outfit IDC has updated its Worldwide Quarterly Cloud IT Infrastructure Tracker with sales data for Q3 2016 and predictions for spend in 2017. In 2016's third quarter the firm says “vendor revenue from sales of infrastructure products (server, storage, and Ethernet switch) for cloud IT, including public and …
Simon Sharwood, 16 Jan 2017

Google floats prototype Key Transparency to tackle secure swap woes

Google has released an open-source technology dubbed Key Transparency, which is designed to offer an interoperable directory of public encryption keys. Key Transparency offers a generic, secure way to discover public keys. The technology is built to scale up to internet size while providing a way to establish secure …
John Leyden, 13 Jan 2017
Container-ship

Do containers stack up as data storage building blocks?

Storage Architect There’s an almost religious divide between those who see containers as entirely stateless objects and others taking a more pragmatic approach that says state and containers is an inevitable thing. In the stateless model, data is assumed to be replicated and protected by many container instances, so the loss of any individual …
Chris Evans, 13 Jan 2017
Trump, photo by uplift the world via Shutterstock

Trump's cyber-guru Giuliani runs ancient 'easily hackable website'

US president-elect Donald Trump's freshly minted cyber-tsar Rudy Giuliani runs a website with a content management system years out of date and potentially utterly hackable. Former New York City mayor and Donald loyalist Giuliani was today unveiled by Trump's transition team as the future president's cybersecurity adviser – …
Darren Pauli, 13 Jan 2017
Quick fix - worker running while carrying a wrench

ISC squishes BIND packet-of-death bugs

BIND administrators, get patching: there are three irritating flaws you need to splat. The denial-of-service vulnerabilities in question are CVE-2016-9131, CVE-2016-9147, and CVE-2016-9444. Common to all three is that they're exploitable denial-of-service bugs that predominantly affect BIND-based DNS servers running in …

iPhone hacking biz Cellebrite hacked

The Israeli company that found fame when it was fingered as a potential source of hacking software used by the FBI to crack open an iPhone has itself been hacked. In a statement on its website, Cellebrite today admitted that an "external web server" containing the company's license management system had been accessed by an …
Kieren McCarthy, 12 Jan 2017

IBM: Cognitive computing needs flash arrays, mark our words

IBM has announced all-flash versions of three DS8880 monolithic arrays revealed last year, with increased flash capacities and a coat of cognitive marketing paint. The previous systems were the DS8884, DS8886 and DS8888. Now we have all-flash variants, denoted by an "F" suffix. These arrays are tailored to provide storage for …
Chris Mellor, 12 Jan 2017

Wi-Fi for audiophiles: Alliance preps TimeSync certification program

At CES last week, the Wi-Fi Alliance announced a certification program for devices supporting the TimeSync feature. The aim is to provide plumbing-layer tools to help deliver high-quality audio and video across a multi-station Wi-Fi network without the final result looking like a bad lip-sych. And, naturally enough, Wi-Fi …

Two tickets to the ARM show: HPE buffs up the StoreVirtual line

HPE has given its SV3200 software a workout to strengthen its muscles with a raft of enhancements, but draws the line at using ARM for file access. The company introduced a low-cost, entry-level, block-access array with its StoreVirtual 3200 in August last year. It comes with a pair of active-active 64-bit ARM controllers, not …
Chris Mellor, 11 Jan 2017
Digital feet, photo via Shutterstock

GoDaddy revokes 9,000 SSL certificates wrongly validated by code bug

GoDaddy was obliged to revoke thousands of SSL certificates on Tuesday as the result of an unspecified software bug. El Reg learnt of the cock-up from readers affected by the issue, who forwarded notification emails (extract below). Due to a software bug, the recently issued certificate for your domain was issued without …
John Leyden, 11 Jan 2017

How to secure MongoDB – because it isn't by default and thousands of DBs are being hacked

The rise in ransomware attacks on MongoDB installations prompted the database maker last week to issue advice on how to avoid being victimized. As of Sunday, security researcher and Microsoft developer Niall Merrigan identified more than 27,000 MongoDB databases seized by ransomware. By Tuesday afternoon Pacific Time, an …
Thomas Claburn, 11 Jan 2017
Privacy

New Windows 10 privacy controls: Just a little snooping – or the max

Microsoft has built an online dashboard of privacy controls in an attempt to soothe lingering anger over Windows 10 and its ability to phone home people's private information. The new web portal lists some of the personal data that is collected from PCs and devices and sent back to Redmond, and allows people to somewhat limit …
Shaun Nichols, 11 Jan 2017
casino_security_648

Ansible patches 'own the farm' vulnerability

Ansible sysadmins, make with the patch-fingers because the project's just gone public with a high-severity bug. CVE-2016-9587 is a peach: “a compromised remote system being managed via Ansible can lead to commands being run on the Ansible controller (as the user running the ansible or ansible-playbook command)”, Ansible lead …
band_aid_patching_648

EMC slings patch at remote hack nonce-nse

Remote attackers can hose EMC hybrid flash storage thanks to cryptographic weaknesses. The patched vulnerability (CVE-2016-0917) affects EMC's VNX1, VNX2 and VNXe systems, including the end-of-life Celerra which will not receive a fix. EMC researchers wrote in a security notice that remote attackers could access the SMB …
Team Register, 11 Jan 2017

This'll be the next thing Trump crows about: Apple assembling servers on American soil

Apple boss Tim Cook and US president-elect Donald Trump aren’t exactly best buds. However, the iPhone maker could soon land the honor of a congratulatory tweet from the jumped-up telly celeb – after it revealed it is expanding its manufacturing in America. Two years ago, Apple announced it would build a $2bn data center in …
Iain Thomson, 10 Jan 2017
Shock

It's now 2017, and your Windows PC can still be pwned by a Word file

Microsoft has begun its 2017 with the release of four updates to address security holes in Windows and Office, while Adobe has posted fixes for more than three dozen vulnerabilities in Flash and Reader. Microsoft's January patch load includes: MS17-001, a fix for the Edge browser to address a flaw that would let a malicious …
Shaun Nichols, 10 Jan 2017
Rock climbing, image via Shutterstock

Talena wants to be distributed database data management rock

Analysis Talena was founded in 2013 to develop data management software for Big Data and non-relational database applications. Its data management software provides backup, recovery, test data management and archiving capabilities for Cassandra, Couchbase, Hadoop, and Vertica. The company claims its software integrates machine learning …
Chris Mellor, 10 Jan 2017

A tale of two conferences: AWS storms ahead, HPE seems to flounder

The Storage Architect As we enter 2017, many people look back at 2016 and attempt to predict what might happen with technology during the coming year. The past isn't always a good reflector of the future (hence the disclaimers on many UK financial institutions' advertising). However, it does do some good to look at where we've …
Chris Evans, 10 Jan 2017
Moon

Reg man howls over HPE Moonshot IoT box

A Moonshot-class, Internet of Things HPE server is being used for down to Earth VDI by Citrix. HPE’s Edgeline servers are for the use of connected "Things" at an IoT network's edge, the place where end-point device data is aggregated and processed before being sent to a central location. What HPE has realised is that this is …
Chris Mellor, 10 Jan 2017

Like stealing data from a kid: LA school pays web scum US$28,000 ransom

A Los Angeles school has made a whopping US$28,000 ransomware payment after hackers raided its network. Attackers had encrypted enough to ruin computer services, email, and messaging at the Los Angeles Community College District. The school paid the bitcoin ransom after learning it had no other alternatives by way of backups …
Darren Pauli, 10 Jan 2017

VNC server library gets security fix

An important fix for libvncserver has landed in Debian and on the library's GitHub page. Late in 2016, a bug emerged in the VNC libraries that left clients vulnerable to malicious servers. As the Debian advisory states, the fix addresses two bugs: CVE-2016-9941 and CVE-2016-9942. The libraries incorrectly handled incoming …

Fedora 25: You've got that Wayland feelin', oh, that Wayland feelin'

Fedora 25 is the first of the major Linux distros to employ the Wayland graphics stack by default. Wayland is one of the biggest low-level changes to hit Linux distros in recent memory and what's most remarkable at least when it comes to Fedora 25 is the move is almost totally transparent. Provided your graphics card is …
Parthenon

Nutanix releases fifth version of Acropolis

Unlike what's happening with the famed Athenian ruin, Nutanix is building up its Acropolis product, and has made v5.0 available with more than 45 new features. These cover its Acropolis data plane, the Prism management plane, and its built-in hypervisor, AHV. The additions make AHV, Nutanix claims, a candidate target for …
Chris Mellor, 05 Jan 2017